2 # GNU Guix --- Functional package management for GNU
3 # Copyright © 2017 sharlatan <sharlatanus@gmail.com>
4 # Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
5 # Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
6 # Copyright © 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
7 # Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com>
9 # This file is part of GNU Guix.
11 # GNU Guix is free software; you can redistribute it and/or modify it
12 # under the terms of the GNU General Public License as published by
13 # the Free Software Foundation; either version 3 of the License, or (at
14 # your option) any later version.
16 # GNU Guix is distributed in the hope that it will be useful, but
17 # WITHOUT ANY WARRANTY; without even the implied warranty of
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 # GNU General Public License for more details.
21 # You should have received a copy of the GNU General Public License
22 # along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
24 # We require Bash but for portability we'd rather not use /bin/bash or
25 # /usr/bin/env in the shebang, hence this hack.
26 if [ "x$BASH_VERSION" = "x" ]
33 [ "$UID" -eq 0 ] ||
{ echo "This script must be run as root."; exit 1; }
55 PAS
=$
'[ \033[32;1mPASS\033[0m ] '
56 ERR
=$
'[ \033[31;1mFAIL\033[0m ] '
60 GNU_URL
="https://ftp.gnu.org/gnu/guix/"
61 OPENPGP_SIGNING_KEY_ID
="3CE464558A84FDC69DB40CFB090B11993D9AEBB5"
63 # This script needs to know where root's home directory is. However, we
64 # cannot simply use the HOME environment variable, since there is no guarantee
65 # that it points to root's home directory.
66 ROOT_HOME
="$(echo ~root)"
68 # ------------------------------------------------------------------------------
72 { # All errors go to stderr.
73 printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
77 { # Default message to stdout.
78 printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
83 if [ "${DEBUG}" = '1' ]; then
84 printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
90 { # Check that every required command is available.
94 _debug
"--- [ $FUNCNAME ] ---"
97 command -v "$c" &>/dev
/null || warn
+=("$c")
100 [ "${#warn}" -ne 0 ] &&
101 { _err
"${ERR}Missing commands: ${warn[*]}.";
104 _msg
"${PAS}verification of required commands completed"
108 { # Check whether the Guix release signing public key is present.
109 _debug
"--- [ $FUNCNAME ] ---"
111 # Without --dry-run this command will create a ~/.gnupg owned by root on
112 # systems where gpg has never been used, causing errors and confusion.
113 gpg
--dry-run --list-keys ${OPENPGP_SIGNING_KEY_ID} >/dev
/null
2>&1 ||
(
114 _err
"${ERR}Missing OpenPGP public key. Fetch it with this command:"
115 echo " wget 'https://sv.gnu.org/people/viewgpg.php?user_id=15145' -qO - | sudo -i gpg --import -"
121 { # Check for ANSI terminal for color printing.
125 if [ "${TERM+set}" = 'set' ]; then
127 xterm
*|rxvt
*|urxvt
*|linux
*|vt
*|eterm
*|screen
*)
141 { # Return init system type name.
142 if [[ $
(/sbin
/init
--version 2>/dev
/null
) =~ upstart
]]; then
143 _msg
"${INF}init system is: upstart"
146 elif [[ $
(systemctl
2>/dev
/null
) =~
-\.mount
]]; then
147 _msg
"${INF}init system is: systemd"
150 elif [[ -f /etc
/init.d
/cron
&& ! -h /etc
/init.d
/cron
]]; then
151 _msg
"${INF}init system is: sysv-init"
154 elif [[ $
(openrc
--version 2>/dev
/null
) =~ \
(OpenRC\
) ]]; then
155 _msg
"${INF}init system is: OpenRC"
160 _err
"${ERR}Init system could not be detected."
165 { # Check for operating system and architecture type.
173 i386 | i486 | i686 | i786 | x86
)
176 x86_64 | x86-64 | x64 | amd64
)
186 _err
"${ERR}Unsupported CPU type: ${arch}"
195 _err
"${ERR}Your operation system (${os}) is not supported."
199 ARCH_OS
="${arch}-${os}"
202 # ------------------------------------------------------------------------------
206 { # Scan GNU archive and save list of binaries
212 _debug
"--- [ $FUNCNAME ] ---"
214 # Filter only version and architecture
215 bin_ver_ls
=("$(wget -qO- "$gnu_url" \
216 | sed -n -e 's/.*guix-binary-\([0-9.]*\)\..*.tar.xz.*/\1/p' \
219 latest_ver
="$(echo "$bin_ver_ls" \
220 | grep -oE "([0-9]{1,2}\.
){2}[0-9]{1,2}" \
223 default_ver
="guix-binary-${latest_ver}.${ARCH_OS}"
225 if [[ "${#bin_ver_ls}" -ne "0" ]]; then
226 _msg
"${PAS}Release for your system: ${default_ver}"
228 _err
"${ERR}Could not obtain list of Guix releases."
232 # Use default to download according to the list and local ARCH_OS.
233 BIN_VER
="$default_ver"
237 { # Download and verify binary package.
242 _debug
"--- [ $FUNCNAME ] ---"
244 _msg
"${INF}Downloading Guix release archive"
246 wget
--help |
grep -q '\--show-progress' && \
247 _PROGRESS_OPT
="-q --show-progress" || _PROGRESS_OPT
=""
248 wget
$_PROGRESS_OPT -P "$dl_path" "${url}/${bin_ver}.tar.xz" "${url}/${bin_ver}.tar.xz.sig"
250 if [[ "$?" -eq 0 ]]; then
251 _msg
"${PAS}download completed."
253 _err
"${ERR}could not download ${url}/${bin_ver}.tar.xz."
257 pushd $dl_path >/dev
/null
258 gpg
--verify "${bin_ver}.tar.xz.sig" >/dev
/null
2>&1
259 if [[ "$?" -eq 0 ]]; then
260 _msg
"${PAS}Signature is valid."
263 _err
"${ERR}could not verify the signature."
269 { # Unpack and install /gnu/store and /var/guix
273 _debug
"--- [ $FUNCNAME ] ---"
278 _msg
"${PAS}unpacked archive"
280 if [[ -e "/var/guix" ||
-e "/gnu" ]]; then
281 _err
"${ERR}A previous Guix installation was found. Refusing to overwrite."
284 _msg
"${INF}Installing /var/guix and /gnu..."
285 mv "${tmp_path}/var/guix" /var
/
286 mv "${tmp_path}/gnu" /
289 _msg
"${INF}Linking the root user's profile"
290 mkdir
-p "${ROOT_HOME}/.config/guix"
291 ln -sf /var
/guix
/profiles
/per-user
/root
/current-guix \
292 "${ROOT_HOME}/.config/guix/current"
294 GUIX_PROFILE
="${ROOT_HOME}/.config/guix/current"
295 source "${GUIX_PROFILE}/etc/profile"
296 _msg
"${PAS}activated root profile at ${ROOT_HOME}/.config/guix/current"
299 sys_create_build_user
()
300 { # Create the group and user accounts for build users.
302 _debug
"--- [ $FUNCNAME ] ---"
304 if [ $
(getent group guixbuild
) ]; then
305 _msg
"${INF}group guixbuild exists"
307 groupadd
--system guixbuild
308 _msg
"${PAS}group <guixbuild> created"
311 for i
in $
(seq -w 1 10); do
312 if id
"guixbuilder${i}" &>/dev
/null
; then
313 _msg
"${INF}user is already in the system, reset"
314 usermod
-g guixbuild
-G guixbuild \
315 -d /var
/empty
-s "$(which nologin)" \
316 -c "Guix build user $i" \
319 useradd
-g guixbuild
-G guixbuild \
320 -d /var
/empty
-s "$(which nologin)" \
321 -c "Guix build user $i" --system \
323 _msg
"${PAS}user added <guixbuilder${i}>"
328 sys_enable_guix_daemon
()
329 { # Run the daemon, and set it to automatically start on boot.
335 _debug
"--- [ $FUNCNAME ] ---"
337 info_path
="/usr/local/share/info"
338 local_bin
="/usr/local/bin"
339 var_guix
="/var/guix/profiles/per-user/root/current-guix"
343 { initctl reload-configuration
;
344 cp "${ROOT_HOME}/.config/guix/current/lib/upstart/system/guix-daemon.conf" \
346 start guix-daemon
; } &&
347 _msg
"${PAS}enabled Guix daemon via upstart"
350 { # systemd .mount units must be named after the target directory.
351 # Here we assume a hard-coded name of /gnu/store.
352 # XXX Work around <https://issues.guix.gnu.org/41356> until next release.
353 if [ -f "${ROOT_HOME}/.config/guix/current/lib/systemd/system/gnu-store.mount" ]; then
354 cp "${ROOT_HOME}/.config/guix/current/lib/systemd/system/gnu-store.mount" \
355 /etc
/systemd
/system
/;
356 chmod 664 /etc
/systemd
/system
/gnu-store.mount
;
357 systemctl daemon-reload
&&
358 systemctl
enable gnu-store.mount
;
361 cp "${ROOT_HOME}/.config/guix/current/lib/systemd/system/guix-daemon.service" \
362 /etc
/systemd
/system
/;
363 chmod 664 /etc
/systemd
/system
/guix-daemon.service
;
365 # Work around <https://bugs.gnu.org/36074>, present in 1.0.1.
366 sed -i /etc
/systemd
/system
/guix-daemon.service \
367 -e "s/GUIX_LOCPATH='/'GUIX_LOCPATH=/";
369 # Work around <https://bugs.gnu.org/35671>, present in 1.0.1.
370 if ! grep en_US
/etc
/systemd
/system
/guix-daemon.service
>/dev
/null
;
371 then sed -i /etc
/systemd
/system
/guix-daemon.service \
372 -e 's/^Environment=\(.*\)$/Environment=\1 LC_ALL=en_US.UTF-8';
375 systemctl daemon-reload
&&
376 systemctl
enable guix-daemon
&&
377 systemctl start guix-daemon
; } &&
378 _msg
"${PAS}enabled Guix daemon via systemd"
381 { mkdir
-p /etc
/init.d
;
382 cp "${ROOT_HOME}/.config/guix/current/etc/init.d/guix-daemon" \
383 /etc
/init.d
/guix-daemon
;
384 chmod 775 /etc
/init.d
/guix-daemon
;
386 update-rc.d guix-daemon defaults
&&
387 update-rc.d guix-daemon
enable &&
388 service guix-daemon start
; } &&
389 _msg
"${PAS}enabled Guix daemon via sysv"
392 { mkdir
-p /etc
/init.d
;
393 cp "${ROOT_HOME}/.config/guix/current/etc/openrc/guix-daemon" \
394 /etc
/init.d
/guix-daemon
;
395 chmod 775 /etc
/init.d
/guix-daemon
;
397 rc-update add guix-daemon default
&&
398 rc-service guix-daemon start
; } &&
399 _msg
"${PAS}enabled Guix daemon via OpenRC"
402 _msg
"${ERR}unsupported init system; run the daemon manually:"
403 echo " ${ROOT_HOME}/.config/guix/current/bin/guix-daemon --build-users-group=guixbuild"
407 _msg
"${INF}making the guix command available to other users"
409 [ -e "$local_bin" ] || mkdir
-p "$local_bin"
410 ln -sf "${var_guix}/bin/guix" "$local_bin"
412 [ -e "$info_path" ] || mkdir
-p "$info_path"
413 for i
in ${var_guix}/share
/info
/*; do
414 ln -sf "$i" "$info_path"
418 sys_authorize_build_farms
()
419 { # authorize the public key of the build farm
421 read -p "Permit downloading pre-built package binaries from the project's build farm? (yes/no) " yn
423 [Yy
]*) guix archive
--authorize < "${ROOT_HOME}/.config/guix/current/share/guix/ci.guix.gnu.org.pub" &&
424 _msg
"${PAS}Authorized public key for ci.guix.gnu.org";
426 [Nn
]*) _msg
"${INF}Skipped authorizing build farm public keys"
428 *) _msg
"Please answer yes or no.";
433 sys_create_init_profile
()
434 { # Create /etc/profile.d/guix.sh for better desktop integration
435 # This will not take effect until the next shell or desktop session!
436 [ -d "/etc/profile.d" ] || mkdir
/etc
/profile.d
# Just in case
437 cat <<"EOF" > /etc/profile.d/guix.sh
438 # _GUIX_PROFILE: `guix pull` profile
439 _GUIX_PROFILE="$HOME/.config/guix/current"
440 if [ -L $_GUIX_PROFILE ]; then
441 export PATH="$_GUIX_PROFILE/bin${PATH:+:}$PATH"
442 # Export INFOPATH so that the updated info pages can be found
443 # and read by both /usr/bin/info and/or $GUIX_PROFILE/bin/info
444 # When INFOPATH is unset, add a trailing colon so that Emacs
445 # searches 'Info-default-directory-list'.
446 export INFOPATH="$_GUIX_PROFILE/share/info:$INFOPATH"
449 # GUIX_PROFILE: User's default profile
450 GUIX_PROFILE="$HOME/.guix-profile"
451 [ -L $GUIX_PROFILE ] || return
452 GUIX_LOCPATH="$GUIX_PROFILE/lib/locale"
453 export GUIX_PROFILE GUIX_LOCPATH
455 [ -f "$GUIX_PROFILE/etc/profile" ] && . "$GUIX_PROFILE/etc/profile"
457 # set XDG_DATA_DIRS to include Guix installations
458 export XDG_DATA_DIRS="$GUIX_PROFILE/share:${XDG_DATA_DIRS:-/usr/local/share/:/usr/share/}"
466 ░░▒▒░░░░░░░░░ ░░░░░░░░░▒▒░░
467 ░░▒▒▒▒▒░░░░░░░ ░░░░░░░▒▒▒▒▒░
468 ░▒▒▒░░▒▒▒▒▒ ░░░░░░░▒▒░
478 _____ _ _ _ _ _____ _
479 / ____| \ | | | | |
/ ____|
(_
)
480 | | __| \| | | | | | | __ _ _ ___ __
481 | | |_ | .
' | | | | | | |_ | | | | \ \/ /
482 | |__| | |\ | |__| | | |__| | |_| | |> <
483 \_____|_| \_|\____/ \_____|\__,_|_/_/\_\
485 This script installs GNU Guix on your system
487 https://www.gnu.org/software/guix/
489 echo -n "Press return to continue..."
498 _msg "Starting installation ($(date))"
501 chk_require "${REQUIRE[@]}"
506 _msg "${INF}system is ${ARCH_OS}"
509 tmp_path="$(mktemp -t -d guix.XXX)"
511 guix_get_bin_list "${GNU_URL}"
512 guix_get_bin "${GNU_URL}" "${BIN_VER}" "$tmp_path"
514 sys_create_store "${BIN_VER}.tar.xz" "${tmp_path}"
515 sys_create_build_user
516 sys_enable_guix_daemon
517 sys_authorize_build_farms
518 sys_create_init_profile
520 _msg "${INF}cleaning up ${tmp_path}"
523 _msg "${PAS}Guix has successfully been installed!"
524 _msg "${INF}Run 'info guix
' to read the manual."
526 # Required to source /etc/profile in desktop environments.
527 _msg "${INF}Please log out and back in to complete the installation."